Traditionally, higher education credentials, such as Bachelor's or Master's degrees, have been issued by universities in the form of physical paper documents. Because they vary in structure and appearance across institutions worldwide, the verification of the trustworthiness of these documents is challenging. Often, this leads to manual and laborious verification processes for both, credential holders and relying parties.
Recently, the World Wide Web Consortium has released a specification for Verifiable Credentials supporting the idea of Self-Sovereign Identity. Based on an interoperable, trusted data infrastructure, entities have full control over their digital identities and can issue and receive credentials as cryptographically verifiable claims.
In this thesis, we explore how W3C verifiable credentials can be applied to the context of higher education diplomas and in particular, how they can be verified by relying parties to ensure their contents are trustworthy.
To this end, we identify a set of required verification checks, evaluating different aspects such as the credential's integrity or revocation status. In addition, we require the presenter to prove ownership over the submitted credential and confirm their personal identity by providing a cryptographically linked ID credential.
Furthermore, we design a concept for an interoperable, hierarchically structured trusted issuer registry, serving relying parties as a trust anchor for issuer identification. We also provide a proof of concept of how such a registry can be implemented as a smart contract on the Ethereum blockchain, which is maintained by a set of independent entities and governed on-chain by a majority voting based consensus mechanism.
We analyze and evaluate the landscape of available open-source SSI libraries and how they can facilitate the development of a verifier software. Ultimately, we apply the findings of our research questions to implement a prototype for a verification service that relying parties can easily integrate into their systems to verify given academic credentials.
RQ1: What is an effective validity check for verifiable credentials?
RQ2: What SSI libraries shall be used in the implementation of the verification service?Which type of infrastructure is suited?
RQ3: How can a trusted issuer registry be designed and implemented to serve as a trust anchor for verifying issuers of digital credentials?
Name | Type | Size | Last Modification | Last Editor |
---|---|---|---|---|
Pascal Herrmann Master Thesis.pdf | 3,47 MB | 15.02.2023 | ||
Pascal Herrmann MT Final Presentation.pdf | 16,04 MB | 15.02.2023 | ||
Pascal Herrmann MT Kickoff_Slides.pdf | 2,44 MB | 15.02.2023 |